Skip to content

PKI Login REST API

Endi S. Dewata edited this page Oct 24, 2023 · 7 revisions

Request

  • Method: GET

  • Path: /<subsystem>/rest/account/login

  • Authentication: Not required

  • Content: None

  • Success code: 200

Source

Examples

CA

JSON
$ curl \
    -k \
    -s \
    -H "Accept: application/json" \
    --user caadmin:Secret.123 \
    --cookie-jar cookies \
    https://localhost.localdomain:8443/ca/rest/account/login | python -m json.tool
{
    "Attributes": {
        "Attribute": []
    },
    "id": "caadmin",
    "FullName": "caadmin",
    "Email": "[email protected]",
    "Roles": {
        "Role": [
            "Administrators",
            "Certificate Manager Agents",
            "Enterprise CA Administrators",
            "Enterprise KRA Administrators",
            "Enterprise OCSP Administrators",
            "Enterprise RA Administrators",
            "Enterprise TKS Administrators",
            "Enterprise TPS Administrators",
            "Security Domain Administrators"
        ]
    }
}
XML
$ curl \
    -k \
    -s \
    -H "Accept: application/xml" \
    --user caadmin:Secret.123 \
    --cookie-jar cookies \
    https://localhost.localdomain:8443/ca/rest/account/login | xmllint --format -
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Account id="caadmin">
  <Attributes/>
  <FullName>caadmin</FullName>
  <Email>[email protected]</Email>
  <Roles>
    <Role>Administrators</Role>
    <Role>Certificate Manager Agents</Role>
    <Role>Enterprise CA Administrators</Role>
    <Role>Enterprise KRA Administrators</Role>
    <Role>Enterprise OCSP Administrators</Role>
    <Role>Enterprise RA Administrators</Role>
    <Role>Enterprise TKS Administrators</Role>
    <Role>Enterprise TPS Administrators</Role>
    <Role>Security Domain Administrators</Role>
  </Roles>
</Account>

KRA

JSON
$ curl \
    -k \
    -s \
    -H "Accept: application/json" \
    --user kraadmin:Secret.123 \
    --cookie-jar cookies \
    https://localhost.localdomain:8443/kra/rest/account/login | python -m json.tool
{
    "Attributes": {
        "Attribute": []
    },
    "id": "kraadmin",
    "FullName": "kraadmin",
    "Email": "[email protected]",
    "Roles": {
        "Role": [
            "Administrators",
            "Data Recovery Manager Agents"
        ]
    }
}

OCSP

JSON
$ curl \
    -k \
    -s \
    -H "Accept: application/json" \
    --user ocspadmin:Secret.123 \
    --cookie-jar cookies \
    https://localhost.localdomain:8443/ocsp/rest/account/login | python -m json.tool
{
    "Attributes": {
        "Attribute": []
    },
    "id": "ocspadmin",
    "FullName": "ocspadmin",
    "Email": "[email protected]",
    "Roles": {
        "Role": [
            "Administrators",
            "Online Certificate Status Manager Agents"
        ]
    }
}

TKS

JSON
$ curl \
    -k \
    -s \
    -H "Accept: application/json" \
    --user tksadmin:Secret.123 \
    --cookie-jar cookies \
    https://localhost.localdomain:8443/tks/rest/account/login | python -m json.tool
{
    "Attributes": {
        "Attribute": []
    },
    "id": "tksadmin",
    "FullName": "tksadmin",
    "Email": "[email protected]",
    "Roles": {
        "Role": [
            "Administrators",
            "Token Key Service Manager Agents"
        ]
    }
}

TPS

JSON
$ curl \
    -k \
    -s \
    -H "Accept: application/json" \
    --user tpsadmin:Secret.123 \
    --cookie-jar cookies \
    https://localhost.localdomain:8443/tps/rest/account/login | python -m json.tool
{
    "Attributes": {
        "Attribute": [
            {
                "name": "components",
                "value": "Audit_Logging,Authentication_Sources,Profiles,Profile_Mappings,Generals,Subsystem_Connections"
            }
        ]
    },
    "id": "tpsadmin",
    "FullName": "tpsadmin",
    "Email": "[email protected]",
    "Roles": {
        "Role": [
            "Administrators",
            "TPS Agents",
            "TPS Operators"
        ]
    }
}

See also

The ACME subsystem has a different login process documented here.

Clone this wiki locally